Methods for iteratively deriving security keys for communications sessions

Assignee

• Microsoft Corporation · US

Inventors

• Arun Ayyagari · Seattle, US
• Daniel R. Simon · Redmond, US
• Bernard Aboba · Bellevue, US
• Krishna Ganugapati · Redmond, US
• Timothy M. Moore · Bellevue, US
• Pradeep Bahl · Redmond, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L2463/061
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Disclosed are methods for a client, having established one set of security keys, to establish a new set without having to communicate with an authentication server. When the client joins a group, master session security keys are derived and made known to the client and to the group's access server. From the master session security keys, the access server and client each derive transient session security keys, used for authentication and encryption. To change the transient session security keys, the access server creates “liveness” information and sends it to the client. New master session security keys are derived from the liveness information and the current set of transient session security keys. From these new master session security keys are derived new transient session security keys. This process limits the amount of data sent using one set of transient session security keys and thus limits the effectiveness of any statistical attacker.